Microsoft: Over 2 million U.S. PCs caught in botnets

More than 2 million PCs in the U.S., or 5.2 out of every 1,000, were recruited into botnets during the second quarter of 2010, according to a Microsoft report released yesterday.

The company's ninth and latest Security Intelligence Report tracked the spread of botnets and malware infections detected and removed throughout the world during the first and second quarters of the year. The sheer number of infected PCs found and cleaned up by Microsoft in the U.S. in the second quarter was the highest in the world. But the percentage of infected PCs was greater elsewhere.

South Korea took the top spot for the highest percentage of botnets for the quarter, with 354,900, or 14.6 out of every 1,000 PCs. Next in line was Spain with 381,900, or 12.4 out of every 1,000 machines. Altogether, Microsoft's antimalware software found and removed bots from 6.5 million computers around the world in the second quarter, twice as many as for the same period in 2009, according to the report.

Botnets are networks of unsuspecting computers, dubbed zombies, that have been infected by malicious software, or bots. Cybercriminals control and use those computers through the bots to launch spam, viruses, and phishing attacks against other PCs over the Internet.

Among the botnets that plagued computer users during the second quarter, Win32/Rimecud was the most active, with almost 70 percent more detections than the next most common family of botnets. Rimecud was the main malware family responsible for the Mariposa botnet that hit millions of computers around the world in 2009 and 2010 and resulted in the arrest of three men in Spain.

Just this week, Microsoft launched a record number of patches to fix 49 different security holes, including one used by the Stuxnet worm.

To better protect PCs from malware, Microsoft advises individuals and businesses to make sure to update their PCs with the latest patches, download the latest antivirus definitions, and use strong and secure passwords.